Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
IncreasePosts 11 hours ago

Ask your local corporate IT guy how many people browse porn on work computers, even though they must know it's logged.

wobfan 2 hours ago | parent | next [-]

While true, at least in my understanding of the world there is a massive difference in people involved in CSAM and people watching porn. The latter one is probably like 80% of humans with access to internet, the first one is hopefully a tiny bit smaller. Also, people are probably very aware that the latter is widely allowed and done by mostly everyone, and the first one is highly illegal, highly enforced and morally completely wrong.

I would not mind browsing porn on my work PC. I wouldn't do it, but I would not have a very bad feeling while or after it, because so be it. I don't think my employer can fire me for that.

I would mind about doing CSAM activities though.

kevin_thibedeau 8 hours ago | parent | prev | next [-]

I've had an unexpected redirect from a hacked Wordpress site in the past. One of the reasons why I will never go without an abuse blocker + NoScript on work computers. I had been trialing going without at the start of that job and lasted a few months but that incident permanently removed any latent guilt.

nullfield 4 hours ago | parent [-]

Non-whitelisted extensions are blocked in Edge, and Edge is the default browser. Chrome/FF are less locked down, more due to incompetence than not trying to be heavy-handed.

…of course, Zscaler with “all Wordpress sites blocked” is also a thing, along with the majority/nearly all of European non-English countries, because god forbid you want to read the emmet docs or something.

morkalork 11 hours ago | parent | prev [-]

There is already a market for secure phones used by organized crime, this will only intensify the demand (plus another opportunity for to infiltrate them like has also happened before)

msm_ 11 hours ago | parent [-]

As a devil's advocate, there are also criminal groups, right now, that do actual crime, that operate on discord. 99% of criminals likely don't have enough knowledge to maintain proper opsec, so spying on chats could in principle help here.

On the other hand, there are also criminal groups, right now, that do actual crime, that operate on discord. Going after them would be trivial in comparison, and yet we introduce extreme spying laws instead.

array_key_first 8 hours ago | parent [-]

I think a lot of those criminals use clear text channels because it works. If it no longer works, then they move.

Meaning, chat control might pressure criminals. For a bit. Until they wisen up and use more secure protocols and end points.

Which, not only exist, but are very easy to use and wide spread.

amarant 5 hours ago | parent [-]

How hard would it be for law enforcement today, before chat control, to get chat logs out of discord?

Discord isn't exactly known for it's privacy features, still I imagine there's some challenge?

If the effort is low, and they're not doing it today, they're not going to do it after chat control either.

array_key_first 5 hours ago | parent [-]

> How hard would it be for law enforcement today, before chat control, to get chat logs out of discord?

Not sure, speculating: somewhat hard.

Discord must comply with government subpoenas, so if you're the FBI it's easy. If you're law enforcement, I imagine they tell you to go kick rocks if you don't have a warrant.

Law enforcement is pretty bad and mostly lazy. They can't be bothered to pull people over going 20 over, let alone get a warrant for every wannabe punk.

If you're not in the US, then I imagine the effort is insurmountable.

> If the effort is low, and they're not doing it today, they're not going to do it after chat control either.

No - but it can be automated, which is the issue.

Sort of like how the US was wire tapping virtually all internet traffic at one point with PRISM.

Then I imagine the "law enforcement" is done using machine learning and heauristics.

Do you use black slang? Put him on the list. Is your name not that white sounding? That's right, the list. Are you on hacker news? You guessed it - the list.

I mean, that's pretty much how automated facial detection works now. And yeah, it sucks.

spwa4 an hour ago | parent [-]

> If you're not in the US, then I imagine the effort is insurmountable.

Actually, in the EU, the police has direct access to surveillance channels. Meaning, they have a website interface that they click around on, without anyone from the provider ever helping them at all. This allows for extracting call logs, lists of IPs they connected with, what DNS records they looked up (yes, that part is defeated by actually configuring DNS in your phone, but who does that?), ... I've seen these interfaces because I've designed their network installation and a bit of initial support. They work on cell towers.

Of course, the spying equipment itself does not log who access it and what they access. Clearly, the police do not need to be told what the value is of hiding what you're doing even if it's legal.

The only issue holding back mass-surveillance in the EU is "who pays for it?". Essentially a number of hours are tracked? Why so little? Then the local SSD is full. They want 6 months, minimum, but the state is unwilling to pay a single cent for that, and forcing providers to pay for it, that the executive (ie. ministers) haven't been willing to do.

Yes, they're supposed to get a "research judge" permission, which is more-or-less a subpoena, except much more informal, but do they actually do this? It's an honor system.